Openvpn on LXD 3.0.3

Do we have some official cookbook on how to deal with (unprivileged) containers and openvpn on LXD 3.0.3, aka what comes with ubuntu 18.04 lts?

Posts i’ve seen usually don’t work. Scripts found online are really outdated and with later versions of lxd/lxc this should be easier, no?

Anyhow, what i’ve tried is

raw.lxc: |-
    lxc.mount.entry = /dev/net/tun dev/net/tun none bind,create=file
    lxc.cgroup.devices.allow = c 10:200 rwm


Actually, to answer my own question almost immediatelly after submitting:


should be edited in systemctl edit openvpn-client@

This is what i missed in the published solutions and i edited it jus in openvpn@

Also worth noting that /dev/net/tun is allowed in the default configuration, so no special config is needed for this.